imfreedom/k8s-cluster
Clone
Summary
Browse
Changes
Graph
Add the deployment for lists.imfreedom.org.
16 months ago, Gary Kramlich
22ca0a0280d4
Parents
44c74f4dc683
Children
58df72dc379a
Add the deployment for lists.imfreedom.org.
This is currently running at liststest.imfreedom.org until we are actually ready
to migrate the production stuff.
2 files changed, 142 insertions(+), 0 deletions(-)
+5
-0
50-lists.imfreedom.org/kustomization.yaml
+137
-0
50-lists.imfreedom.org/manifest.yaml
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/50-lists.imfreedom.org/kustomization.yaml Wed Dec 21 02:31:59 2022 -0600
@@ -0,0 +1,5 @@
+---
+namespace: imfreedom
+resources:
+ - manifest.yaml
+---
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/50-lists.imfreedom.org/manifest.yaml Wed Dec 21 02:31:59 2022 -0600
@@ -0,0 +1,137 @@
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ name: lists-http
+spec:
+ entryPoints:
+ - http
+ routes:
+ - match: Host(`lists.imfreedom.org`) || Host(`liststemp.imfreedom.org`)
+ kind: Rule
+ services:
+ - name: lists
+ port: 80
+ middlewares:
+ - name: https-redirect
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ name: lists-https
+spec:
+ entryPoints:
+ - https
+ routes:
+ - match: Host(`lists.imfreedom.org`) || Host(`liststemp.imfreedom.org`)
+ kind: Rule
+ services:
+ - name: lists
+ port: 80
+ middlewares:
+ - name: common-headers
+ - name: hsts-headers
+ tls:
+ secretName: lists-tls
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: lists-tls
+spec:
+ secretName: lists-tls
+ issuerRef:
+ name: letsencrypt
+ commonName: liststemp.imfreedom.org
+ dnsNames:
+ - liststemp.imfreedom.org
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: lists
+ labels:
+ app: lists
+spec:
+ ports:
+ - port: 80
+ protocol: TCP
+ selector:
+ app: lists
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+ name: lists
+ labels:
+ app: lists
+spec:
+ podSelector:
+ matchLabels:
+ app: lists
+ ingress:
+ - from:
+ - namespaceSelector:
+ matchLabels:
+ name: kube-public
+ podSelector:
+ matchLabels:
+ app: traefik
+ role: controller
+ ports:
+ - port: 80
+ protocol: TCP
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: lists
+spec:
+ minAvailable: 1
+ selector:
+ matchLabels:
+ app: lists
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: lists
+ labels:
+ app: lists
+ keel.sh/policy: force
+ keel.sh/trigger: poll
+ annotations:
+ keel.sh/pollSchedule: "@every 30m"
+spec:
+ replicas: 2
+ revisionHistoryLimit: 0
+ selector:
+ matchLabels:
+ app: lists
+ template:
+ metadata:
+ labels:
+ app: lists
+ spec:
+ topologySpreadConstraints:
+ # Spreads out pods over the nodes
+ - labelSelector:
+ matchLabels:
+ app: lists
+ maxSkew: 1
+ topologyKey: kubernetes.io/hostname
+ whenUnsatisfiable: DoNotSchedule
+ containers:
+ - name: lists
+ image: docker.io/imfreedom/list-archives:latest
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 80
+ resources:
+ limits:
+ cpu: 50m
+ memory: 96Mi
+ requests:
+ cpu: 10m
+ memory: 64Mi
+---